The Universal Opt-Out Mechanism expansion represents the growing requirement across U.S. states for websites and platforms to recognize browser-level privacy signals such as the Global Privacy Control. When a user enables GPC or a similar signal, platforms must treat it as a valid consumer request to opt out of the sale or sharing of personal data and targeted advertising. Connecticut and Oregon joined the requirement in 2026, bringing the total to 12 states mandating recognition. The mechanism fundamentally shifts the consent architecture from platform-controlled opt-out forms to user-controlled browser signals, reducing friction for consumers exercising privacy rights.
ConductAtlas maps governance language to potentially relevant regulatory frameworks. Regulatory applicability and enforceability may vary by jurisdiction, enforcement context, and individual circumstances. This page is informational and does not constitute legal advice. Methodology
Showing 30 of 5443 provisions. View all →
Get alerted when platforms change their policies — including -relevant provisions.
Subscribe to Monitor — $19/moConductAtlas tracks -relevant provisions across 100 platforms. Each platform's specific provisions are classified by severity and mapped to requirements.
ConductAtlas captures policy documents daily, classifies provisions by regulatory framework, and flags changes that affect obligations. Every change is archived with cryptographic verification.